Silence
Aliases: Whisper Spider
Silence is a financially motivated threat actor targeting financial institutions in different countries. The group was first seen in June 2016. Their main targets reside in Russia, Ukraine, Belarus, Azerbaijan, Poland and Kazakhstan. They compromised various banking systems, including the Russian Central Bank's Automated Workstation Client, ATMs, and card processing.
Open interactive actor investigation
ATT&CK techniques
T1571
Non-Standard PortT1053.005
Scheduled TaskT1055
Process InjectionT1547.001
Registry Run Keys / Startup FolderT1059.005
Visual BasicT1112
Modify RegistryT1021.001
Remote Desktop ProtocolT1125
Video CaptureT1059.007
JavaScriptT1218.001
Compiled HTML FileT1072
Software Deployment ToolsT1113
Screen CaptureT1027.010
Command ObfuscationT1569.002
Service ExecutionT1090.002
External ProxyT1553.002
Code SigningT1105
Ingress Tool TransferT1078
Valid AccountsT1018
Remote System DiscoveryT1003.001
LSASS MemoryT1059.001
PowerShellT1588.002
ToolT1070.004
File DeletionT1566.001
Spearphishing AttachmentT1036.005
Match Legitimate Name or LocationT1204.002
Malicious FileT1059.003
Windows Command ShellT1106
Native API
Non-Standard PortT1053.005
Scheduled TaskT1055
Process InjectionT1547.001
Registry Run Keys / Startup FolderT1059.005
Visual BasicT1112
Modify RegistryT1021.001
Remote Desktop ProtocolT1125
Video CaptureT1059.007
JavaScriptT1218.001
Compiled HTML FileT1072
Software Deployment ToolsT1113
Screen CaptureT1027.010
Command ObfuscationT1569.002
Service ExecutionT1090.002
External ProxyT1553.002
Code SigningT1105
Ingress Tool TransferT1078
Valid AccountsT1018
Remote System DiscoveryT1003.001
LSASS MemoryT1059.001
PowerShellT1588.002
ToolT1070.004
File DeletionT1566.001
Spearphishing AttachmentT1036.005
Match Legitimate Name or LocationT1204.002
Malicious FileT1059.003
Windows Command ShellT1106
Native API